Threat behavior detection and model establishment method, device, electronic device and storage medium

A threat behavior detection and model establishment technique applied in the field of network security. It addresses the low efficiency of internal threat behavior detection and the computing resources that such detection occupies.

Active Publication Date: 2022-07-12
BEIJING TOPSEC NETWORK SECURITY TECH +2

AI Technical Summary

Problems solved by technology

[0004] In view of this, the purpose of the embodiments of the present application is to provide a threat behavior detection and model establishment method, device, electronic device, and storage medium that address the low efficiency of internal threat behavior detection in the prior art and the large amount of computing resources it occupies.


Embodiment Construction

[0038] The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.

[0039] In existing network security protection technologies, the methods for detecting insider threats include the following. Method 1: user attribute information is collected, including name, age, gender, psychological evaluation, interpersonal communication, job completion quality, job satisfaction, etc.; after the data is cleaned and preprocessed, the similarity between users is calculated through the user portraits; the K-Means algorithm is then used to cluster the user attribute portraits to obtain user groups with similar behavior patterns. Method 2: user behavior information and identification information are obtained; a long short-term memory network classification model is trained on the user's behavior sample set; according to the user identification informatio...

Abstract

The present application provides a method, device, electronic device and storage medium for threat behavior detection and model establishment, and relates to the technical field of network security. The method for establishing a threat behavior detection model includes: creating a training set and a verification set based on the attribute features and behavior features in the user data set; calling the LGBMClassifier interface to instantiate the model, and setting the model parameters of the instantiated model through the interface; and training the instantiated model to obtain a threat behavior detection model based on LightGBM. The detection model outputs the illegal probability based on the input detection features, which include the attribute features and behavior features of the user to be detected. Detecting threat behavior with this model does not require a separate detection model for each user, and the LightGBM algorithm supports parallel computing, which improves detection efficiency and reduces the consumption of computing resources.

Description

Technical field

[0001] The present application relates to the technical field of network security, and in particular, to a method, apparatus, electronic device and storage medium for threat behavior detection and model establishment.

Background technique

[0002] Insider threats refer to insiders, or external attackers disguised as insiders, who use legal identities and permissions to destroy systems or data, steal information, abuse resources, etc., posing security hazards to enterprises or organizations. With the gradual strengthening of security protection technologies such as firewalls, mounting insider threats through password theft and profit inducement has gradually become a common method for attackers.

[0003] Insider threat detection is usually based on user log data in the internal network. In related research, machine learning algorithms such as K-Means, Isolation Forest, Long Short-Term Memory Network, and Bayesian Network are widely used to d...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/40, H04L41/14, H04L43/16
CPC: H04L63/1416, H04L63/1441, H04L41/145, H04L43/16
Inventor: 黄娜, 李建国, 余小军
Owner: BEIJING TOPSEC NETWORK SECURITY TECH